<?php
require('functions.php');
if(isset($_POST['submit'])){
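	require('clases/user.class.php');
	$objUser = new User;

	// NOTE(review): nothing visible in this file verifies that the caller is logged in, may edit
	// this user_id, or sent an anti-CSRF token. Confirm that functions.php enforces those checks.
	// NOTE(review): 'role' is taken from the request as free text. The role list rendered by the
	// edit form is not re-checked here, so any restriction must live in actualizar() (not visible).

	// Every value handed to actualizar() must arrive as a plain string. A request that omits a
	// field (or sends it as an array, e.g. psw[]=x) used to continue with an empty value, which
	// would overwrite the stored login/password with blanks.
	$campos = array('user_id', 'nombre', 'apellido', 'login', 'psw', 'role');
	$datos = array();
	$completo = true;
	foreach ($campos as $campo) {
		if (!isset($_POST[$campo]) || !is_string($_POST[$campo])) {
			$completo = false;
			break;
		}
		// htmlspecialchars() is HTML encoding, not SQL escaping: it is kept because the edit form
		// prints these values back, but actualizar() still has to escape or bind them for SQL.
		// NOTE(review): it also rewrites & < > " inside 'psw', so the stored password can differ
		// from what was typed; whether actualizar() hashes the password is not visible here.
		$datos[$campo] = htmlspecialchars(trim($_POST[$campo]));
	}

	// Short-circuit: actualizar() is never called for an incomplete request.
	$guardado = $completo && $objUser->actualizar(
		array($datos['nombre'], $datos['apellido'], $datos['login'], $datos['psw'], $datos['role']),
		$datos['user_id']
	);

	if ($guardado) {
		echo 'Datos guardados';
	} else {
		echo 'Se produjo un error. Intente nuevamente';
	}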
}else{
	if(isset($_GET['id'])){
		
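		require('clases/user.class.php');
		$objUser = new User;

		// NOTE(review): $_GET['id'] reaches mostrar_user() unchanged. That method is not visible
		// here, so confirm it escapes or binds the value, and that the caller is authorised to
		// load this particular user (the form below prints the stored login and password).
		// Array-shaped input (id[]=x) is rejected before it reaches the query layer.
		$consulta = is_string($_GET['id']) ? $objUser->mostrar_user($_GET['id']) : false;
		$user = $consulta ? mysql_fetch_array($consulta) : false;

		if (!$user) {
			// No matching row: stop before the form is rendered. Otherwise the role query
			// further down is built from an empty id_role and fails with a raw database error.
			echo 'Se produjo un error. Intente nuevamente';
			return;
		}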
	?>
    
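	<?php
	// Escape every stored value before it is placed inside an HTML attribute.
	// Values saved through the POST branch at the top of this file are already HTML-encoded,
	// while rows written by any other path may be raw. Decoding first and then encoding gives
	// the same markup for the former and neutralises quotes/tags in the latter.
	// NOTE(review): the password field is pre-filled with the stored 'psw' value, so the
	// credential is sent to the browser and is readable in the page source. Leaving the field
	// empty and updating the password only when a new one is typed needs a matching change in
	// the POST handler, so it is flagged here rather than changed.
	$userEsc = array();
	foreach (array('id', 'nombre', 'apellido', 'login', 'psw') as $campo) {
		$userEsc[$campo] = htmlspecialchars(
			htmlspecialchars_decode((string) $user[$campo], ENT_QUOTES),
			ENT_QUOTES
		);
	}
	?>
	<form id="frmUserActualizar" name="frmUserActualizar" method="post" action="actuser.php" onsubmit="ActualizarUser(); return false">
    	<input type="hidden" name="user_id" id="user_id" value="<?php echo $userEsc['id'] ?>" />
        <p>
	  <label>Nombre<br />
	  <input class="text" type="text" name="nombre" id="nombre" value="<?php echo $userEsc['nombre'] ?>" />
	  </label>
      </p>
	  <p>
		<label>Apellido<br />
		<input class="text" type="text" name="apellido" id="apellido" value="<?php echo $userEsc['apellido'] ?>" />
		</label>
	  </p>
	 <p>
		<label>Login<br />
		<input class="text" type="text" name="login" id="login" value="<?php echo $userEsc['login'] ?>" />
		</label>
	  </p>
	  <p>
        <label>Password<br />
        <input class="text" type="password" name="psw" id="psw" value="<?php echo $userEsc['psw'] ?>" />       
        </label>
	  </p>
       <p>
  Rol: <select name="role" id="role">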
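<?php
// Prints the user's current role as the first <option> of the role selector and leaves its
// name in $dato for the query that lists the remaining roles.

// NOTE(review): the database host, account and password are hard-coded in a web-served script.
// Load them from configuration kept outside the document root, rotate this password, and use
// an account limited to the privileges this page needs.
$conexion = mysql_connect("localhost", "admin", "Xurpas123");
if (!$conexion || !mysql_select_db("smsnic", $conexion)) {
	// Keep driver details in the server log; the browser only gets a generic message.
	error_log('Role lookup: database connection failed: ' . mysql_error());
	die('Se produjo un error. Intente nuevamente');
}

// Defined even when no row matches, so later code never reads an unset variable.
$dato = '';

// id_role is used unquoted in the SQL text, so it is forced to an integer before concatenation.
$idRole = (int) $user['id_role'];

// Only the role name is read below, so the login/password columns are no longer selected.
$result1 = mysql_query(
	"SELECT role FROM users inner join roles on users.id_role=roles.id"
	. " where id_role = " . $idRole . " ORDER BY users.id DESC",
	$conexion
);
if ($result1 === false) {
	error_log('Role lookup: query failed: ' . mysql_error($conexion));
	die('Se produjo un error. Intente nuevamente');
}

if (mysql_num_rows($result1)) {
	$row1 = mysql_fetch_array($result1);
	$dato = $row1['role'];
	// Quote the attribute and escape the value: unquoted, a role name containing a space was
	// cut short, and markup inside it would have been rendered.
	$datoHtml = htmlspecialchars($dato, ENT_QUOTES);
	echo '<option value="' . $datoHtml . '">' . $datoHtml . '</option>';
}

mysql_close($conexion);

?>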

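<?php
// Prints one <option> per role other than the user's current one ($dato). When the first
// query returns a row (its HAVING clause requires ccadmin > 2), roles matching 'administrador'
// are left out of the list as well.
// NOTE(review): this limit only shapes the rendered options. The POST handler at the top of
// this file forwards 'role' to actualizar() without repeating the check, so unless
// actualizar() enforces it (not visible here) a hand-built request can still submit that role.

// NOTE(review): the database host, account and password are hard-coded in a web-served script.
// Load them from configuration kept outside the document root, rotate this password, and use
// an account limited to the privileges this page needs.
$conexion = mysql_connect("localhost", "admin", "Xurpas123");
if (!$conexion || !mysql_select_db("smsnic", $conexion)) {
	// Keep driver details in the server log; the browser only gets a generic message.
	error_log('Role list: database connection failed: ' . mysql_error());
	die('Se produjo un error. Intente nuevamente');
}

// The role name comes from the database but is still data: escape it before it is placed
// inside a quoted SQL literal. An unset $dato is treated as an empty name.
$actual = mysql_real_escape_string(isset($dato) ? $dato : '', $conexion);

$result1 = mysql_query("SELECT 
        role, roles.id,
        ifnull(case when role like 'Administrador' then count(*) end,0) ccadmin
 FROM users
      inner join roles on users.id_role = roles.id where role not like '" . $actual . "' group by role
having ccadmin > 2", $conexion);
if ($result1 === false) {
	error_log('Role list: query failed: ' . mysql_error($conexion));
	die('Se produjo un error. Intente nuevamente');
}

if (!mysql_num_rows($result1)) {
	// No row passed the HAVING filter: offer every role except the current one.
	$sqlRoles = "SELECT role, roles.id FROM roles where role not like '" . $actual . "'";
} else {
	// A row passed the HAVING filter: also hide the administrator role.
	$sqlRoles = "SELECT role, roles.id FROM roles"
		. " where role not like 'administrador' and role not like '" . $actual . "'";
}

$result1 = mysql_query($sqlRoles, $conexion);
if ($result1 === false) {
	error_log('Role list: query failed: ' . mysql_error($conexion));
	die('Se produjo un error. Intente nuevamente');
}

while ($row1 = mysql_fetch_array($result1)) {
	$dato = $row1['role'];
	// Quote the attribute and escape the value: unquoted, a role name containing a space was
	// cut short, and markup inside it would have been rendered.
	$datoHtml = htmlspecialchars($dato, ENT_QUOTES);
	echo '<option value="' . $datoHtml . '">' . $datoHtml . '</option>';
}

mysql_close($conexion);
?>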
</select><br><br>
  </p>
	  <p>
		<input type="submit" name="submit" id="button" value="Enviar" />
		<label></label>
		<input type="button" name="cancelar" id="cancelar" value="Cancelar" onclick="Cancelar()" />
	  </p>
	</form>
	<?php
	}
}
?>